2.2 Replacing an Existing Primary Server with a New Primary Server

NOTE:To replace a Windows or a Linux Primary Server with an Appliance server, see Moving from a Windows or Linux Primary Server to Appliance

If you have only one Primary Server in the Management Zone and if you want to replace the device hosting the Primary Server with a new device that has the same host name and IP address as the old device, you must move the Primary Server to the new device.

Ensure that the version on the new server and the existing Primary Server is ZENworks 2020 Update 2.

Ensure that the following settings are the same as that of the old Primary Server:

IP address and DNS name, Total RAM, Installation drive and path, ZENworks Ports, Management Zone name, Database Names (for both ZENworks and Audit Databases)

For MDM features like Mobile device communication, Apple VPP and Android Enterprise Subscription, Push Notification Services, etc. to work seamlessly after ZENWorks Server restore, it is mandatory that the new ZENworks Server’s hostname and IP must be the same as that of the backed up ZENworks Server; and the hostname must be resolvable to the IP address configured.

NOTE:If you want to replace more than one Primary Server, you need to install the same number of servers and replace each server on a one to one basis, either simultaneously or sequentially. For faster deployment, all servers can be deployed to a single temporary zone.

IMPORTANT:

  • If you have two Primary Servers (PS1 and PS2) in the zone and both are configured as MDM Servers, then if PS1 is removed/deleted, then all the mobile devices enrolled to PS1 should be re-enrolled to PS2.

  • If you are replacing a Primary Server (PS1) with another Primary Server (DR1) with the same DNS name. If PS1 is configured as an MDM server, then even DR1 becomes an MDM server, as DR1 is equivalent to PS1. Hence, all mobile devices enrolled to PS1 work seamlessly with DR1.

  1. Take a reliable backup of the existing ZENworks Server.

    For detailed information on how to take a backup of the ZENworks Server, see Section 1.0, Backing Up and Restoring the ZENworks Server and Certificate Authority.

  2. Take a backup of the novell-tftp.conf and novell-proxydhcp.conf files from /etc/opt/novellon Linux and files from ZENWORKS_HOME\conf\preboot on Windows.

  3. (Conditional) If Vertica is enabled, then take a back up of the database files available at /vastorage/home/dbadmin/zenworks and the config file available at /opt/vertica/config/admintools.conf.

  4. (Conditional) Take a reliable backup of the database.

    Take a backup in any of the following scenarios:

    • You are using an internal ZENworks database.

    • You are using an external database installed on the device hosting the Primary Server and you do not plan to use the device after uninstalling the Primary Server.

    MS SQL: For detailed information on how to move the data to a new MS SQL database, see the MS SQL documentation. Later on, perform the steps described in Configuring the ZENworks Server to Point to the New MS SQL Database Containing Data Moved from Another MS SQL Database in the ZENworks Database Management Reference.

    Oracle: For detailed information on how to move the data from one Oracle database to another Oracle database, see the Oracle documentation. Later on, perform the steps described in Configuring the ZENworks Server to Point to the New Oracle Database Containing Data Moved from Another Oracle Database in the ZENworks Database Management Reference.

    PostgreSQL: For detailed information on how to move the data from one PostgreSQL database to another PostgreSQL database, see the Oracle documentation. Later on, perform the steps described in Moving an Embedded PostgreSQL Database from One Primary Server to another Primary Server in the ZENworks Database Management Reference.

    To take a backup of an external database, see the documentation for the database.

  5. Stop all the ZENworks services on the Primary Server.

    For detailed information on how to stop the ZENworks services on Windows, see Stopping the ZENworks Services in the ZENworks Primary Server and Satellite Reference. For detailed information on how to stop the ZENworks services on Linux, see Stopping the ZENworks Services in the ZENworks Primary Server and Satellite Reference.

  6. Take a reliable backup of the content-repo directory of the Primary Server.

    The content-repo directory is located by default in the ZENworks_installation_directory\work directory on Windows and in the /var/opt/microfocus/zenworks/on Linux.

    Ensure that the images directory located within the content-repo directory has been successfully backed up.

  7. (Optional) If there are any TFTP customizations related to imaging, then back up the TFTP files. The tftp directory is located in the /srv/ folder on Linux and in %ZENWORKS_HOME%\share\ on Windows.

  8. Disconnect the device from the network.

  9. To restore on a new Primary Server, ensure that the total RAM allocated in the new Primary Server is the same as that in the existing Primary Server. For a Primary Server hosted in the virtual environment, you need to reserve the allocated memory.

  10. Install ZENworks 2020 Update 2 on the new server with the following settings that are same as that of the old Primary Server:

    • Installation drive and path.

    • ZENworks Ports

    • Management Zone name

    For detailed information on how to install ZENworks, see Installing a ZENworks Primary Server on Windows in the ZENworks Server Installation.

    NOTE:Install the new server to a temporary zone and not to the existing production zone.

    The new server can be installed with any database engine (preferably the same database engine as that in the production zone, that is, if the production zone is using MSSQL, then install the new server with MSSQL in the temporary zone). After the existing Primary Server is replaced with the new server, the new server will start using the actual database in the production zone.

  11. Do the following on the new Primary Server:

    1. Restore the backed-up ZENworks Server.

      For detailed information on how to restore the ZENworks Server, see Section 1.0, Backing Up and Restoring the ZENworks Server and Certificate Authority.

    2. Restore the files novell-tftp.confand novell-proxydhcp.conf, which were backed up in Step 2, to/etc/opt/novell on Linux and ZENWORKS_HOME\conf\preboot on Windows.

    3. Run the following commands on ZENworks server, after restoring the backed-up ZENworks Server:

      • rm -f /etc/opt/novell/zenworks/preboot/novell-tftp.conf

      • ln -s /etc/opt/novell/novell-tftp.conf /etc/opt/novell/zenworks/preboot/novell-tftp.conf

      • rm -f /etc/opt/novell/zenworks/preboot/novell-proxydhcp.conf

      • ln -s /etc/opt/novell/novell-proxydhcp.conf /etc/opt/novell/zenworks/preboot/novell-proxydhcp.conf

    4. (Conditional) Restore the backed-up database.

    5. (Conditional) If you are restoring on a Linux server, then go to /usr/lib64 and execute the ln -s libhd.so.21 libhd.so.15 command.

    6. (Conditional) To restore Vertica in the new server, perform the following steps:

      1. Run the following command and provide GUID, DNS, or the path of the new server:

        zman server-role-vertica-prepare-server

      2. Run the command su dbadmin to switch user to dbadmin.

      3. Install Vertica on the new server by executing the following commands:

        • sudo /opt/vertica/sbin/install_vertica --record-config vertica-install.conf --license CE --accept-eula --dba-user-password <dbadmin_password> --hosts <DNS-of-machine> -l /vastorage/home/dbadmin --failure-threshold FAIL
        • sudo /opt/vertica/sbin/install_vertica --config-file vertica-install.conf

      4. Restore the backed up database files to the path /vastorage/home/dbadmin/zenworks and the config file to the path /opt/vertica/config/admintools.conf. Ensure that the permission of these files are set to dbadmin:verticadba.

      5. Run the following command:

        ssh-keygen -R <ip of replacing host> -f /vastorage//home/dbadmin/.ssh/known_hosts

      6. (Conditional) If Vertica is running as a cluster, enable passwordless ssh amongst the other servers in the zone by running the command ssh-copy-id dbadmin@<ip of the machine that we are replacing> from another Vertica server in the cluster. Subsequently, stop the Vertica service on all other servers in the Vertica cluster and go to , to start the database from any other server in the cluster.

      7. (Conditional) If the IP address of the new server is different from that of the older server, then run the following command in the older server.

        1. Login as dbadmin (su dbadmin)

        2. Run the following command where the content of the ip.txt file should be <old ip> <new ip>:

          admintools -t re_ip -f /tmp/ip.txt

      8. Run the following command and wait for the database to start:

        admintools -t start_db –d zenworks

    7. If kafka is configured, enable kafka services by running the following command: systemctl enable <Kafka Service Name>;

      Kafka Service Name

      • microfocus-zenkafka.service

      • microfocus-zenkafka-schema-registry.service

      • microfocus-zenkafka-connect.service

    8. If you are restoring on a Linux server, run the following:

      1. microfocus-zenworks-configure -c MergeTruststore -Z

        (Conditional) If microfocus-zenworks-configure -c MergeTruststore -Z is executed on a Linux server, run the microfocus-zenworks-configure -c UpdateTrustStorePasswordConfigureAction command, and then run the permission.sh file available at /opt/microfocus/zenworks/bin/.

      2. microfocus-zenworks-configure -c UpdateTrustStorePasswordConfigureAction

      3. microfocus-zenworks-configure -c GenerateOSPProperties

      4. (Only on Appliance) microfocus-zenworks-configure -c UnifyTrustStoreForApplianceConfigureAction

      5. microfocus-zenworks-configure -c UpdateJMXOptions

      6. microfocus-zenworks-configure -c EnableJMX

      7. microfocus-zenworks-configure -c ZenProbe

      8. Run the permissions.sh file available at /opt/microfocus/zenworks/bin/.

      9. microfocus-zenworks-configure -c Start: Select the restart option to restart the services.

    9. If you are restoring on a Windows Server, run the following:

      1. microfocus-zenworks-configure -c MergeTruststore -Z

      2. microfocus-zenworks-configure -c EnableJMX

      3. microfocus-zenworks-configure -c GenerateOSPProperties

      4. microfocus-zenworks-configure -c ZenProbe

      5. microfocus-zenworks-configure -c Start: Select the restart option to restart the services.

    10. Re-create all the default and custom deployment packages.

      Default Deployment Packages: At the server’s command prompt, enter the following command:

      microfocus-zenworks-configure -c CreateExtractorPacks -Z

      IMPORTANT:Ensure that you do not run the zman surp command instead of microfocus-zenworks-configure -Z -c CreateExtractorPacksConfigureAction to rebuild deployment packages. The commandmicrofocus-zenworks-configure -Z -c CreateExtractorPacksConfigureAction uses a different method to rebuild deployment packages. For more information, see Rebuilding the Default Packages in ZENworks Discovery, Deployment, and Retirement Reference.

      Custom Deployment Packages: At the server’s command prompt, enter the following command:

      microfocus-zenworks-configure -c RebuildCustomPacks -Z

      To avoid any errors while running this command, ensure that the custom packages are available in the new server at the following locations before you run the command:

      For Linux: /opt/microfocus/zenworks/install/downloads/custom

      For Windows: %zenserver_home%\install\downloads\custom

    11. Copy all the contents of the backed-up content-repo directory to the ZENworks_installation_directory\work\ directory on Windows or to the /var/opt/microfocus/zenworks/ directory on Linux. If you have any issues in copying content-repo directory in Linux then run permissions.sh command.

      (Optional) Also, copy the backed-up TFTP files to the second Primary Server. The tftp directory is located in the folder /srv/ on Linux and in the folder %ZENWORKS_HOME%\share\ on Windows.

    12. Run permissions.sh command.

    13. (Conditional) If Antimalware is configured, run the following configure actions:

      • microfocus-zenworks-configure -c ZENServicesFirewallConfigureAction -Dservice=antimalware -Doperation=ADD

      • microfocus-zenworks-configure -c AntimalwareServiceConfigureAction -Dam.service.action=start

  12. (Conditional) Execute the zac zesm-ref command to reset the ZENworks Endpoint Security Management cache on the managed devices.

  13. Ensure that the new server is running correctly. Subsequently, uninstall ZENworks 2020 from the old device. For detailed information on how to uninstall ZENworks 2020, see ZENworks Uninstall Guide.

WARNING:After the new Primary Server starts running, you must disconnect the old Primary Server from the network and uninstall ZENworks, or disable ZENworks services so that it cannot register back to the zone.